I have been A-List for 5 years and my RR account was recently hacked. Someone went in, changed the email (I received no notifications to my email on file) and booked 3 reservations over 2 days, wiping out 184k points. The flights were taken same and next day by random people.... I see the confirms and SW sent me the receipts. I reported to SW last Sunday and have spoken to 3 different people. They just say that the fraud team will look into. They are not giving me assurances that my points will be restored or that they intend to find out who did this and go after. I am happy to engage a lawyer and press charges against the person - it's theft.

The last thread on this was in 2011 and the person had the same thing happen, but the flights were not taken, in my case, the seats were used. Look forward to any guidance.

At the same time, I find this an interesting situation. Most think SW (or any other airline) should eat the loss and reimburse the points. But, you have to ask - why?

Did SW fail?
Where or how did the thief find a way into the system and book the tickets?
Could the account have been left open somewhere such as a public computer, or logged in via a hacked wifi site?
Was the password easy to crack?
Was it an inside job?

I would expect WN to investigate and assure itself that you were neither affirmatively involved nor made your account available to anyone. In particular someone will have paid the 9/11 Security Fee and that is hopefully trackable.

Let's say OP needed to book a flight for the stolen miles and the availability is not guaranteed until ticketes can WN just book OP with no fees or adjust the point redemption to a lower one once moles have been reinstated or book under paid and switch to a Lowe point redemption ? WN could sue the hacker for all fees and damages

Let's say OP needed to book a flight for the stolen miles can WN just book OP with no fees? WN could sue the hacker for all fees and damages

That is likely a fruitless exercise. Much easier and cheaper for WN to investigate and assure itself that OP is not complicit or negligent and then reinstate the missing points if he is not. While there is some cost to WN, it is not a cash hit to its bottom line and the percentage of points which go unused overall is significant. Thus, restoring them is a fairly standard approach.

WN isn't obligated to restore the points -- the terms of the RR program specifically state that they have no responsibility.

Generally, however, they often do. Once they can prove that the member was actually a victim of fraud. Information regarding the investigation is, for obvious reasons, not released to the customer.

Southwest would do well to increase it's account security measures -- many options are available. But since there's a cost involved, and since Southwest ultimately isn't responsible for stolen points, there's no strong motivation for them to do so.

I would expect WN to investigate and assure itself that you were neither affirmatively involved nor made your account available to anyone. In particular someone will have paid the 9/11 Security Fee and that is hopefully trackable.

Good catch. Somebody had to pay the $5.60. There are a few ways to pay this without revealing who you are.

1 - If they logged into the RR account, they can just use the credit card on file. That is what I do with all of our award tickets, and companion.

2 - They could use a legit debit/prepaid credit card that has no name tied to it.

3 - They could use a stolen credit card.

4 - They could use a SW gift card that has no name tied to it - other than other bookings if SW wanted to dig deeper.